From 5590be81be9cdd3f2e157b45b5b608b669046ee3 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Thu, 21 Nov 2024 07:46:04 +0100 Subject: [PATCH] Fix release build --- .github/workflows/ci-build.yml | 8 +- .github/workflows/release.yml | 10 ++- .project-keeper.yml | 30 ++++++-- dependencies.md | 131 ++++++++++++++++----------------- doc/changes/changes_2.8.4.md | 3 +- pom.xml | 18 ----- 6 files changed, 101 insertions(+), 99 deletions(-) diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 9b043b20..728af92a 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -76,6 +76,7 @@ jobs: - name: Build extension id: build-extension run: | + # Packaged JAR is required for building the extension mvn --batch-mode package -DskipTests cd extension npm ci @@ -84,12 +85,7 @@ jobs: npm run lint - name: Run tests and build with Maven id: build-pk-verify - run: | - # Omit clean to speedup build - mvn --batch-mode verify \ - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ - -DtrimStackTrace=false \ - -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }} + run: mvn --batch-mode verify -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }} env: { EXASOL_DB_VERSION: '${{ matrix.exasol_db_version }}' } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 750fe459..89e95c32 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -104,10 +104,18 @@ jobs: env: { GITHUB_TOKEN: '${{ github.token }}' } + - name: Build extension + id: build-extension + run: | + # Packaged JAR is required for building the extension + mvn --batch-mode package -DskipTests + cd extension + npm ci + npm run build - { name: Build project, id: build, - run: mvn --batch-mode -DskipTests clean verify + run: mvn --batch-mode -DskipTests verify } - { name: List secret GPG keys, diff --git a/.project-keeper.yml b/.project-keeper.yml index ef14a7cd..9fdf0186 100644 --- a/.project-keeper.yml +++ b/.project-keeper.yml @@ -36,6 +36,7 @@ build: name: Build extension id: build-extension run: | + # Packaged JAR is required for building the extension mvn --batch-mode package -DskipTests cd extension npm ci @@ -47,13 +48,30 @@ build: content: name: Run tests and build with Maven id: build-pk-verify - run: | - # Omit clean to speedup build - mvn --batch-mode verify \ - -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ - -DtrimStackTrace=false \ - -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }} + # Omit clean to speedup build + run: mvn --batch-mode verify -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }} env: # Set additional environment variable as in scala projects the scalatest plugin does not forward # the system property -Dcom.exasol.dockerdb.image to the test's implementation. EXASOL_DB_VERSION: ${{ matrix.exasol_db_version }} + + - name: release.yml + stepCustomizations: + - action: INSERT_AFTER + stepId: verify-release + content: + name: Build extension + id: build-extension + run: | + # Packaged JAR is required for building the extension + mvn --batch-mode package -DskipTests + cd extension + npm ci + npm run build + - action: REPLACE + stepId: build + content: + name: Build project + id: build + # Omit clean to speedup build. Tests already ran durning CI build. + run: mvn --batch-mode -DskipTests verify diff --git a/dependencies.md b/dependencies.md index bd92ece5..07f04514 100644 --- a/dependencies.md +++ b/dependencies.md @@ -84,35 +84,34 @@ | Dependency | License | | -------------------------------------------------------- | --------------------------------------------- | | [Project Keeper Maven plugin][91] | [The MIT License][92] | -| [OpenFastTrace Maven Plugin][93] | [GNU General Public License v3.0][94] | -| [Scalastyle Maven Plugin][95] | [Apache 2.0][39] | -| [spotless-maven-plugin][96] | [The Apache Software License, Version 2.0][3] | -| [scalafix-maven-plugin][97] | [BSD-3-Clause][18] | -| [Exec Maven Plugin][98] | [Apache License 2][3] | -| [Apache Maven Clean Plugin][99] | [Apache-2.0][3] | -| [Apache Maven Install Plugin][100] | [Apache-2.0][3] | -| [Apache Maven Resources Plugin][101] | [Apache-2.0][3] | -| [Apache Maven Site Plugin][102] | [Apache License, Version 2.0][3] | -| [SonarQube Scanner for Maven][103] | [GNU LGPL 3][104] | -| [Apache Maven Toolchains Plugin][105] | [Apache-2.0][3] | -| [Apache Maven Compiler Plugin][106] | [Apache-2.0][3] | -| [Apache Maven Enforcer Plugin][107] | [Apache-2.0][3] | -| [Maven Flatten Plugin][108] | [Apache Software Licenese][3] | -| [org.sonatype.ossindex.maven:ossindex-maven-plugin][109] | [ASL2][6] | -| [scala-maven-plugin][110] | [Public domain (Unlicense)][111] | -| [ScalaTest Maven Plugin][112] | [the Apache License, ASL Version 2.0][37] | -| [Apache Maven Javadoc Plugin][113] | [Apache-2.0][3] | -| [Maven Surefire Plugin][114] | [Apache-2.0][3] | -| [Versions Maven Plugin][115] | [Apache License, Version 2.0][3] | -| [duplicate-finder-maven-plugin Maven Mojo][116] | [Apache License 2.0][39] | -| [Apache Maven Assembly Plugin][117] | [Apache-2.0][3] | -| [Apache Maven JAR Plugin][118] | [Apache-2.0][3] | -| [Artifact reference checker and unifier][119] | [MIT License][120] | -| [Maven Failsafe Plugin][121] | [Apache-2.0][3] | -| [JaCoCo :: Maven Plugin][122] | [EPL-2.0][123] | -| [Quality Summarizer Maven Plugin][124] | [MIT License][125] | -| [error-code-crawler-maven-plugin][126] | [MIT License][127] | -| [Reproducible Build Maven Plugin][128] | [Apache 2.0][6] | +| [Scalastyle Maven Plugin][93] | [Apache 2.0][39] | +| [spotless-maven-plugin][94] | [The Apache Software License, Version 2.0][3] | +| [scalafix-maven-plugin][95] | [BSD-3-Clause][18] | +| [Exec Maven Plugin][96] | [Apache License 2][3] | +| [Apache Maven Clean Plugin][97] | [Apache-2.0][3] | +| [Apache Maven Install Plugin][98] | [Apache-2.0][3] | +| [Apache Maven Resources Plugin][99] | [Apache-2.0][3] | +| [Apache Maven Site Plugin][100] | [Apache License, Version 2.0][3] | +| [SonarQube Scanner for Maven][101] | [GNU LGPL 3][102] | +| [Apache Maven Toolchains Plugin][103] | [Apache-2.0][3] | +| [Apache Maven Compiler Plugin][104] | [Apache-2.0][3] | +| [Apache Maven Enforcer Plugin][105] | [Apache-2.0][3] | +| [Maven Flatten Plugin][106] | [Apache Software Licenese][3] | +| [org.sonatype.ossindex.maven:ossindex-maven-plugin][107] | [ASL2][6] | +| [scala-maven-plugin][108] | [Public domain (Unlicense)][109] | +| [ScalaTest Maven Plugin][110] | [the Apache License, ASL Version 2.0][37] | +| [Apache Maven Javadoc Plugin][111] | [Apache-2.0][3] | +| [Maven Surefire Plugin][112] | [Apache-2.0][3] | +| [Versions Maven Plugin][113] | [Apache License, Version 2.0][3] | +| [duplicate-finder-maven-plugin Maven Mojo][114] | [Apache License 2.0][39] | +| [Apache Maven Assembly Plugin][115] | [Apache-2.0][3] | +| [Apache Maven JAR Plugin][116] | [Apache-2.0][3] | +| [Artifact reference checker and unifier][117] | [MIT License][118] | +| [Maven Failsafe Plugin][119] | [Apache-2.0][3] | +| [JaCoCo :: Maven Plugin][120] | [EPL-2.0][121] | +| [Quality Summarizer Maven Plugin][122] | [MIT License][123] | +| [error-code-crawler-maven-plugin][124] | [MIT License][125] | +| [Reproducible Build Maven Plugin][126] | [Apache 2.0][6] | ## Extension @@ -120,7 +119,7 @@ | Dependency | License | | ------------------------------------------ | ------- | -| [@exasol/extension-manager-interface][129] | MIT | +| [@exasol/extension-manager-interface][127] | MIT | [0]: https://www.scala-lang.org/ [1]: https://www.apache.org/licenses/LICENSE-2.0 @@ -215,40 +214,38 @@ [90]: http://logback.qos.ch/logback-core [91]: https://github.com/exasol/project-keeper/ [92]: https://github.com/exasol/project-keeper/blob/main/LICENSE -[93]: https://github.com/itsallcode/openfasttrace-maven-plugin -[94]: https://www.gnu.org/licenses/gpl-3.0.html -[95]: http://www.scalastyle.org -[96]: https://github.com/diffplug/spotless -[97]: https://github.com/evis/scalafix-maven-plugin -[98]: https://www.mojohaus.org/exec-maven-plugin -[99]: https://maven.apache.org/plugins/maven-clean-plugin/ -[100]: https://maven.apache.org/plugins/maven-install-plugin/ -[101]: https://maven.apache.org/plugins/maven-resources-plugin/ -[102]: https://maven.apache.org/plugins/maven-site-plugin/ -[103]: http://sonarsource.github.io/sonar-scanner-maven/ -[104]: http://www.gnu.org/licenses/lgpl.txt -[105]: https://maven.apache.org/plugins/maven-toolchains-plugin/ -[106]: https://maven.apache.org/plugins/maven-compiler-plugin/ -[107]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ -[108]: https://www.mojohaus.org/flatten-maven-plugin/ -[109]: https://sonatype.github.io/ossindex-maven/maven-plugin/ -[110]: http://github.com/davidB/scala-maven-plugin -[111]: http://unlicense.org/ -[112]: https://www.scalatest.org/user_guide/using_the_scalatest_maven_plugin -[113]: https://maven.apache.org/plugins/maven-javadoc-plugin/ -[114]: https://maven.apache.org/surefire/maven-surefire-plugin/ -[115]: https://www.mojohaus.org/versions/versions-maven-plugin/ -[116]: https://basepom.github.io/duplicate-finder-maven-plugin -[117]: https://maven.apache.org/plugins/maven-assembly-plugin/ -[118]: https://maven.apache.org/plugins/maven-jar-plugin/ -[119]: https://github.com/exasol/artifact-reference-checker-maven-plugin/ -[120]: https://github.com/exasol/artifact-reference-checker-maven-plugin/blob/main/LICENSE -[121]: https://maven.apache.org/surefire/maven-failsafe-plugin/ -[122]: https://www.jacoco.org/jacoco/trunk/doc/maven.html -[123]: https://www.eclipse.org/legal/epl-2.0/ -[124]: https://github.com/exasol/quality-summarizer-maven-plugin/ -[125]: https://github.com/exasol/quality-summarizer-maven-plugin/blob/main/LICENSE -[126]: https://github.com/exasol/error-code-crawler-maven-plugin/ -[127]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE -[128]: http://zlika.github.io/reproducible-build-maven-plugin -[129]: https://registry.npmjs.org/@exasol/extension-manager-interface/-/extension-manager-interface-0.4.3.tgz +[93]: http://www.scalastyle.org +[94]: https://github.com/diffplug/spotless +[95]: https://github.com/evis/scalafix-maven-plugin +[96]: https://www.mojohaus.org/exec-maven-plugin +[97]: https://maven.apache.org/plugins/maven-clean-plugin/ +[98]: https://maven.apache.org/plugins/maven-install-plugin/ +[99]: https://maven.apache.org/plugins/maven-resources-plugin/ +[100]: https://maven.apache.org/plugins/maven-site-plugin/ +[101]: http://sonarsource.github.io/sonar-scanner-maven/ +[102]: http://www.gnu.org/licenses/lgpl.txt +[103]: https://maven.apache.org/plugins/maven-toolchains-plugin/ +[104]: https://maven.apache.org/plugins/maven-compiler-plugin/ +[105]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ +[106]: https://www.mojohaus.org/flatten-maven-plugin/ +[107]: https://sonatype.github.io/ossindex-maven/maven-plugin/ +[108]: http://github.com/davidB/scala-maven-plugin +[109]: http://unlicense.org/ +[110]: https://www.scalatest.org/user_guide/using_the_scalatest_maven_plugin +[111]: https://maven.apache.org/plugins/maven-javadoc-plugin/ +[112]: https://maven.apache.org/surefire/maven-surefire-plugin/ +[113]: https://www.mojohaus.org/versions/versions-maven-plugin/ +[114]: https://basepom.github.io/duplicate-finder-maven-plugin +[115]: https://maven.apache.org/plugins/maven-assembly-plugin/ +[116]: https://maven.apache.org/plugins/maven-jar-plugin/ +[117]: https://github.com/exasol/artifact-reference-checker-maven-plugin/ +[118]: https://github.com/exasol/artifact-reference-checker-maven-plugin/blob/main/LICENSE +[119]: https://maven.apache.org/surefire/maven-failsafe-plugin/ +[120]: https://www.jacoco.org/jacoco/trunk/doc/maven.html +[121]: https://www.eclipse.org/legal/epl-2.0/ +[122]: https://github.com/exasol/quality-summarizer-maven-plugin/ +[123]: https://github.com/exasol/quality-summarizer-maven-plugin/blob/main/LICENSE +[124]: https://github.com/exasol/error-code-crawler-maven-plugin/ +[125]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE +[126]: http://zlika.github.io/reproducible-build-maven-plugin +[127]: https://registry.npmjs.org/@exasol/extension-manager-interface/-/extension-manager-interface-0.4.3.tgz diff --git a/doc/changes/changes_2.8.4.md b/doc/changes/changes_2.8.4.md index f455b667..965309eb 100644 --- a/doc/changes/changes_2.8.4.md +++ b/doc/changes/changes_2.8.4.md @@ -1,4 +1,4 @@ -# Cloud Storage Extension 2.8.4, released 2024-11-20 +# Cloud Storage Extension 2.8.4, released 2024-11-21 Code name: Fix vulnerabilities CVE-2024-23454 & CVE-2024-47561 & CVE-2024-47554 & CVE-2024-51504 & CVE-2024-47535 @@ -77,6 +77,7 @@ This release fixes the following vulnerabilities in dependencies: * Updated `org.apache.maven.plugins:maven-site-plugin:3.3` to `3.9.1` * Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.5` to `3.5.1` * Updated `org.codehaus.mojo:versions-maven-plugin:2.16.2` to `2.17.1` +* Removed `org.itsallcode:openfasttrace-maven-plugin:1.6.2` ### Extension diff --git a/pom.xml b/pom.xml index 77086d8c..7fce4251 100644 --- a/pom.xml +++ b/pom.xml @@ -908,24 +908,6 @@ - - org.itsallcode - openfasttrace-maven-plugin - 1.6.2 - - - trace-requirements - - trace - - - - - html - ALL - true - - org.scalastyle scalastyle-maven-plugin